KeySetCommands command group for the AdminTask object

You can use the Jython or Jacl scripting languages to configure security with the wsadmin tool. The commands and parameters in the KeySetCommands group can be used to create, delete, and query for key set settings in your configuration. The SSLConfigCommands command group for the AdminTask object includes the following commands:

• createSSLConfig

• createKeySet

• deleteKeySet

• generateKeyForKeySet

• getKeySet

• listKeySets

• modifyKeySet

createSSLConfig

The createSSLConfig command creates an SSL configuration that is based on key store and trust store settings. You can use the SSL configuration settings to make the SSL connections.

Target object None.

Required parameters and return values

-alias

The name of the alias. (String, required)

-scopeName

The name of the scope. (String, optional)

-clientKeyAlias

The certificate alias name for the client. (String, optional)

-serverKeyAlias

The certificate alias name for the server. (String, optional)

-type

The type of SSL configuration. (String, optional)

-clientAuthentication

Set the value of this parameter to true to request client authentication. Otherwise, set the value of this parameter to false. (Boolean, optional)

-securityLevel

The cipher group that you want to use. Valid values include: HIGH, MEDIUM, LOW, and CUSTOM. (String, optional)

-enabledCiphers

A list of ciphers used during SSL handshake. (String, optional)

-jsseProvider

One of the JSSE providers. (String, optional)

-clientAuthenticationSupported

Set the value of this parameter to true to support client authentication. Otherwise, set the value of this parameter to false. (Boolean, optional)

-sslProtocol

The protocol type for the SSL handshake. Valid values include: SSL_TLS, SSL, SSLv2, SSLv3, TLS, TLSv1. (String, optional)

-trustManagerObjectName

A list of trust managers separated by commas. (String, optional)

-trustStoreNames

The key store that holds trust information used to validate the trust from remote connections. (String, required)

-trustStoreScopeName

The management scope name of the trust store. (String, optional)

-keyStoreName

The key store that holds the personal certificates that provide identity for the connection. (String, required)

-keyStoreScopeName

The management scope name of the key store. (String, optional)

-ssslKeyRingName

Specifies a system SSL (SSSL) key ring name. The value for this parameter has no affect unless the SSL configuration type is SSSL. (String, optional)

• Returns: The configuration object name of the SSL configuration object that you created.

Examples

Batch mode example usage:

• Using Jacl:

  $AdminTask createSSLConfig {-alias testSSLCfg  -clientKeyAlias key1 -serverKeyAlias
  key2 -trustStoreName trustKS –keyStoreName  testKS -keyManagerName testKeyMgr}

• Using Jython string:

  AdminTask.createSSLConfig ('[-alias testSSLCfg  -clientKeyAlias key1 -serverKeyAlias 
  key2 -trustStoreName trustKS –keyStoreName  testKS -keyManagerName testKeyMgr]')

• Using Jython list:

  AdminTask.createSSLConfig (['-alias', 'testSSLCfg', '-clientKeyAlias', 
  'key1', '-serverKeyAlias', 'key2', '-trustStoreName', 'trustKS', 
  '–keyStoreName', 'testKS', '-keyManagerName', 'testKeyMgr'])

Interactive mode example usage:

• Using Jacl:

  $AdminTask createSSLConfig {-interactive}

• Using Jython string:

  AdminTask.createSSLConfig ('[-interactive]')

• Using Jython list:

  AdminTask.createSSLConfig (['-interactive'])

createKeySet

The createKeySet command creates the key set settings in the configuration. Use this command to control key instances that have the same type.

Target object None.

Required parameters and return values

-name

The name that uniquely identifies the key set. (String, required)

-scopeName

The name of the scope. (String, optional)

-aliasPrefix

The prefix for the key alias when a new key generates. (String, required)

-password

The password that protects the key in the key store. (String, required)

-maxKeyReferences

The maximum number of key references returned keys from this key set. (Integer, required)

-deleteOldKeys

Set the value of this parameter to true to delete old keys when new keys are generated. Otherwise, set the value of this parameter to false. (Boolean, optional)

-keyGenerationClass

The class that is used to generate new keys in the key set. (String, optional)

-keyStoreName

The key store that contains the keys. (String, required)

-keyStoreScopeName

The management scope where the key store is located. (String, optional)

-isKeyPair

Set the value of this parameter to true if the keys in the key set are key pairs. Otherwise, set the value of this parameter to false. (Boolean, optional)

• Returns: The configuration object name of the key set object that you created.

Examples

Batch mode example usage:

• Using Jacl:

  $AdminTask createKeySet {-name testKeySet –aliasPrefix test –password pwd 
  –maxKeyReferences 2 –deleteOldKeys true –keyStoreName testKeyStore –isKeyPair false}

• Using Jython string:

  AdminTask.createKeySet('[-name testKeySet –aliasPrefix test –password pwd 
  –maxKeyReferences 2 –deleteOldKeys true –keyStoreName testKeyStore –isKeyPair false]')

• Using Jython list:

  AdminTask.createKeySet(['-name', 'testKeySet', '–aliasPrefix', 'test', 
  '–password', 'pwd', '–maxKeyReferences', '2', '–deleteOldKeys', 'true', 
  '–keyStoreName', 'testKeyStore', '–isKeyPair', 'false'])

Interactive mode example usage:

• Using Jacl:

  $AdminTask createKeySet {-interactive}

• Using Jython string:

  AdminTask.createKeySet ('[-interactive]')

• Using Jython list:

  AdminTask.createKeySet (['-interactive'])

deleteKeySet

The deleteKeySet command deletes the settings of a key set from the configuration.

Target object None.

Required parameters and return values

-name

The name that uniquely identifies the key set. (String, required)

-scopeName

The name of the scope. (String, optional)

• Returns: None.

Examples

Batch mode example usage:

• Using Jacl:

  $AdminTask deleteKeySet{ -name testKeySet}

• Using Jython string:

  AdminTask.deleteKeySet('[-name testKeySet]')

• Using Jython list:

  AdminTask.deleteKeySet(['-name', 'testKeySet'])

Interactive mode example usage:

• Using Jacl:

  $AdminTask deleteKeySet {-interactive}

• Using Jython string:

  AdminTask.deleteKeySet ('[-interactive]')

• Using Jython list:

  AdminTask.deleteKeySet (['-interactive'])

generateKeyForKeySet

The generateKeyForKeySet command generates keys for the keys in the key set.

Target object None.

Required parameters and return values

-keySetName

The name of the key set. (String, required)

-keySetScope

The scope of the key set. (String, optional)

-keySetSaveConfig

Set the value of this parameter to true to save the configuration of the key set. Otherwise, set the value of this parameter to false. (Boolean, optional)

• Returns: None.

Examples

Batch mode example usage:

• Using Jacl:

  $AdminTask  generateKeyForKeySet{ -keySetName testKeySet }

• Using Jython string:

  AdminTask.generateKeyForKeySet('[-keySetName testKeySet]')

• Using Jython list:

  AdminTask.generateKeyForKeySet(['-keySetName', 'testKeySet'])

Interactive mode example usage:

• Using Jacl:

  $AdminTask generateKeyForKeySet {-interactive}

• Using Jython string:

  AdminTask.generateKeyForKeySet ('[-interactive]')

• Using Jython list:

  AdminTask.generateKeyForKeySet (['-interactive'])

getKeySet

The getKeySet command displays the settings of a particular key set.

Target object None.

Required parameters and return values

-name

The name that uniquely identifies the key set. (String, required)

-scopeName

The name of the scope. (String, optional)

• Returns: The settings of the specified key set group.

Examples

Batch mode example usage:

• Using Jacl:

  $AdminTask getKeySet {-name testKeySet}

• Using Jython string:

  AdminTask.getKeySet ('[-name testKeySet]')

• Using Jython list:

  AdminTask.getKeySet (['-name', 'testKeySet'])

Interactive mode example usage:

• Using Jacl:

  $AdminTask getKeySet {-interactive}

• Using Jython string:

  AdminTask.getKeySet ('[-interactive]')

• Using Jython list:

  AdminTask.getKeySet (['-interactive'])

listKeySets

The listKeySets command lists the key sets in a particular scope.

Target object None.

Required parameters and return values

-scopeName

The name of the scope. (String, optional)

-displayObjectNames

Set the value of this parameter to true to list the key set configuration objects within the scope. Set the value of this parameter to false if you want to list the strings that contain the key set group name and management scope. (Boolean, optional)

• Returns: The key sets for the scope that you specified.

Examples

Batch mode example usage:

• Using Jacl:

  $AdminTask listKeySets {-displayObjectName true}

• Using Jython string:

  AdminTask.listKeySets ('[-displayObjectName true]')

• Using Jython list:

  AdminTask.listKeySets (['-displayObjectName', 'true'])

Interactive mode example usage:

• Using Jacl:

  $AdminTask listKeySets {-interactive}

• Using Jython string:

  AdminTask.listKeySets ('[-interactive]')

• Using Jython list:

  AdminTask.listKeySets (['-interactive'])

modifyKeySet

The modifyKeySet command changes the settings of an existing key set.

Target object None.

Required parameters and return values

-name

The name that uniquely identifies the key set. (String, required)

-scopeName

The name of the scope. (String, optional)

-aliasPrefix

The prefix for the key alias when a new key generates. (String, optional)

-password

The password that protects the key in the key store. (String, optional)

-maxKeyReferences

The maximum number of key references returned keys from this key set. (Integer, optional)

-deleteOldKeys

Set the value of this parameter to true to delete old keys when new keys are generated. Otherwise, set the value of this parameter to false. (Boolean, optional)

-keyGenerationClass

The class that is used to generate new keys in the key set. (String, optional)

-keyStoreName

The key store that contains the keys. (String, optional)

-keyStoreScopeName

The management scope where the key store is located. (String, optional)

-isKeyPair

Set the value of this parameter to true if the keys in the key set are key pairs. Otherwise, set the value of this parameter to false. (Boolean, optional)

• Returns: None.

Examples

Batch mode example usage:

• Using Jacl:

  $AdminTask modifyKeySet {-name testKeySet -maxKeyReferences 3 
  –deleteOldKeys false}

• Using Jython string:

  AdminTask.modifyKeySet ('[-name testKeySet -maxKeyReferences 3 
  –deleteOldKeys false]')

• Using Jython list:

  AdminTask.modifyKeySet (['-name', 'testKeySet', '-maxKeyReferences', '3', 
  '–deleteOldKeys', 'false'])

Interactive mode example usage:

• Using Jacl:

  $AdminTask modifyKeySet {-interactive}

• Using Jython string:

  AdminTask.modifyKeySet ('[-interactive]')

• Using Jython list:

  AdminTask.modifyKeySet (['-interactive'])

Related tasks

Related Reference

Reference topic